🌪️Workflow

Once an enclave is launched, the AESM (Architectural Enclave Service Manager) supplies the PCK (Provisioning Certification Key) certificate to the Quoting Enclave. The application code running inside the LibOS-based environment can then request a quote over its report. The report carries a hash of user-supplied data, so any information the application wants bound to the attestation can be included.

In this setup, everything except the application code ships in a base Docker container, which serves as the foundation for enclaving custom binaries. In most scenarios, and particularly with LibOS-based enclaving, applications are unaware that they run inside a Trusted Execution Environment and therefore do not produce attestations of their own.

Rather than modifying each application to handle attestation, we provide a premain binary that runs before the workload itself. It provisions secrets to the application in temporary storage located in enclave memory. Provisioning is therefore transparent to the application's configuration: the application reads the provisioned files through ordinary file paths.
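As an added example (not the project's own premain code), the two steps described above in Python: binding user data to the report's 64-byte REPORTDATA field through a hash, with the matching verifier-side check, and a premain that provisions secrets as owner-only files under a path assumed to be enclave-memory tmpfs before launching the unmodified workload. The SHA-256-in-the-first-32-bytes layout and the SECRET_* environment variables are assumptions, not something the page specifies.

```python
import hashlib
import hmac
import os
import subprocess
import sys
from typing import Dict, List

REPORT_DATA_LEN = 64  # size of the SGX report's REPORTDATA field

def report_data_for(user_data: bytes) -> bytes:
    """Bind user data to a report: SHA-256 in the first 32 bytes, rest zero.
    This byte layout is an assumed convention, not something the page specifies."""
    return hashlib.sha256(user_data).digest().ljust(REPORT_DATA_LEN, b"\x00")

def report_data_matches(quoted: bytes, user_data: bytes) -> bool:
    """Verifier side: recompute REPORTDATA over the received user data and
    compare it in constant time with the value carried in the quote."""
    return len(quoted) == REPORT_DATA_LEN and hmac.compare_digest(quoted, report_data_for(user_data))

def provision_secrets(secrets: Dict[str, bytes], base_dir: str) -> Dict[str, str]:
    """Premain step: write each secret as an owner-only file under base_dir.
    base_dir is assumed to be tmpfs backed by enclave memory, so plaintext never
    touches untrusted disk; each file is swapped in atomically."""
    os.makedirs(base_dir, mode=0o700, exist_ok=True)
    paths: Dict[str, str] = {}
    for name, value in secrets.items():
        if not name or name in (".", "..") or os.sep in name:
            raise ValueError(f"unsafe secret name: {name!r}")
        final = os.path.join(base_dir, name)
        tmp = final + ".tmp"
        fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "wb") as f:
            f.write(value)
        os.replace(tmp, final)  # atomic: the workload never sees a partial file
        paths[name] = final
    return paths

def run_workload(argv: List[str], secret_paths: Dict[str, str]) -> int:
    """Launch the unmodified workload; it locates each secret by plain file path."""
    env = dict(os.environ, **{f"SECRET_{k.upper()}": v for k, v in secret_paths.items()})
    return subprocess.call(argv, env=env)

if __name__ == "__main__":  # constructed demo: provision one secret, then run a workload that reads it
    p = provision_secrets({"api_key": b"demo-key"}, "/tmp/premain-demo")
    sys.exit(run_workload([sys.executable, "-c", "import os; print(open(os.environ['SECRET_API_KEY']).read())"], p))
```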
